Firefly’s PaCAI Takes Policy-as-Code to the Next Level with ChatGPT AI Technology

Firefly, an innovator that is forging new ground for managing multi-cloud infrastructure, announced it has created the first AI-driven policy-as-code (PAC) generator that is implemented within a cloud asset management platform. This new capability empowers cloud engineers to control their cloud resources without requiring knowledge of unique policy automation syntax, bringing a new level of simplicity and efficiency to multi-cloud governance.

Introducing PaCAI, the groundbreaking Policy-as-Code generator within the Firefly Cloud Asset Management solution, that utilizes the latest advancements in AI technology to offer users an effortless and intuitive way to create customized policies for multi-cloud. With PaCAI, users can simply provide a natural language prompt describing their desired policy, and using the OpenAI GPT Model model, PACAI will seamlessly and automatically generate the corresponding code for the desired policy.

Recommended AI: Cognni Launches AI-Powered Automated Infosec Risk Assessment Product

Policy-as-Code is critical to preventing misconfigurations

For companies that are cloud-forward, with multiple cloud service providers and usually multiple cloud accounts, achieving governance for their cloud infrastructure is very difficult. The 2023 State of IaC Report found that reliability and governance are chief concerns of managing cloud infrastructures. Empowering developers to self-serve their infrastructure can be a double-edged sword. While it can speed the velocity of DevOps development, it can compound an already challenging cloud platform management challenge when many people have the ability to change the cloud configurations used.

At a presentation during Kubernetes Day in Amsterdam last week, Hashicorp shared that 9% of cloud costs can be attributed to cloud misconfigurations. Similarly, Trend Micro’s report reveals that infrastructure misconfigurations or failures are responsible for up to 70 percent of security events. According to a Gartner report, up to 99% of cloud environment failures will be attributed to human errors. Having the ability to automatically apply guardrails that prevent misconfigurations can save not only cloud costs, but improve reliability and security as well.

By applying automated policies, users can ensure, for instance, that the less expensive EC3 is used instead of EC2. (Firefly users have saved tens of thousands through this insight alone.) It can also ensure that S3 buckets are not open to public access, and identify other very detailed misconfigurations like these. Firefly has been including OPA guardrails in its Cloud Asset Management solution, along with custom rules that enable bespoke policies. (A favorite use for custom rules is ensuring consistent labeling of cloud assets to simplify management and reporting.) This blog article explains the integration in more detail.

Recommended AI: SAS Joins CESMII to Accelerate the Adoption of Analytics and AI

Avoiding the need to know yet another language

Open Policy Agent uses Rego, a purpose-built declarative policy language. While not too difficult to learn, it is yet another skill needed by already-stretched DevOps and platform engineers.

Firefly’s new PaCAI capability within its Cloud Asset Management solution, abstracts away that concern. By using AI technology, Firefly helps users craft their own unique policies by stating the requirement in natural English language. The user enters their query just as they would ask a person to apply the rule, then PaCAI turns it into policy language that can be applied to cloud infrastructure directly through Firefly. An evaluation button shows what the policy violations would be. If the user doesn’t like the anticipated results, they can ask for a new iteration of the code to produce the desired result. This new policy engine works on cloud, Kubernetes, and SaaS applications, applying consistent policies across multi-cloud architectures and all of an organization’s cloud assets.

End-to-end cloud change management

Policy automation can help DevOps teams and platform engineers alike by providing consistent environments for cloud-native applications, save time in both coding and troubleshooting, and can improve an organization’s adherence to industry regulations and security requirements.

While policy automation can prevent misconfigurations, it is not enough on its own. Cloud native organizations also need the ability to detect configuration changes (aka ‘drift’) not covered by policies and have visibility into how those changes came about. The Firefly Cloud Asset Management solution combines the new PaCIA with Drift Detection and another recently released feature, Asset History for comprehensive cloud control.

• PaCAI proactively prevents errors and misconfigurations,
• Drift detection and remediation identifies changes to configurations and provides precise remediation,
• Asset History provides a powerful audit tool showing who changed what, when and how for changes not governed by policies.

Recommended AI: Millennium Physician Group and Navina Release Value-Based Results of Technology Implementation

[To share your insights with us, please write to sghosh@martechseries.com]